All the right notes
Bryn Robinson-Morgan
Principal Consultant - Digital Identity: Strategy, Product Development, and Implementation
The European Telecommunications Standards Institute (ETSI) recently described the UK as being “quite advanced” in age verification solutions for the protection of minors.? This statement is certainly true, there’s a plethora of providers offering their products and services into the market.? Yet websites selling age restricted products or access to age-appropriate content often don’t even ask for confirmation of age yet alone ask us to verify it.
In addition to requiring age verification for certain internet services under the Online Safty Act, the UK Government is also consulting on changes to the Licensing Act that could allow the use of digital identities and age assurance technologies when buying alcohol.? These requirements should open the market for the providers to offer their solutions into the market.
Both on the web and for in-person transactions, the issue will not be a lack of available solutions.? Rather the interoperability and ubiquity of acceptance amongst them.? The lack of a network and scheme orchestration for the different providers will stifle the adoption of digital trust services.
People in the real-world have grown up in a world where they have a single passport that allows them to travel to any country in the world, where their payment card works whether they’re paying on the web or in-person, regardless as to which merchant they’re shopping with or where in the world they’re paying.? Whilst there may be other requirements – a visa for travel or an International Driving Permit – these are accompanying documents to the underlying ubiquitous proof.
Imagine the shift from physical proof-of-age credentials (driving licences, PASS cards, passports) to digital credentials without this scheme orchestration.? On your evening out the first bar that you visit only accepts Provider A’s digital credential, the second only Provider B’s, the third doesn’t accept either.? The same on the web, where one digital credential is accepted here but not there.? Quite simply people will give up trying to use digital credentials and revert to legacy physical means. If the business problems of Relying Parties aren't met with seamless solutions, they will adopt a minimal compliance approach, use the cheapest providers, the ones that are just about good enough – regardless of privacy concerns, lack of integrity, or lack of inclusion. And race to the bottom that this drives.
领英推荐
I mentioned one of the physical credentials that is widely used in the UK – the PASS Card.? The Proof of Age Standards Scheme allows card providers to operate under their scheme – which requires them to adhere to standards and good practice, with a common acceptance mark. ?PASS, as the scheme operator, work with stakeholders, including the police, licensing authorities and industry trade bodies to ensure compliance and promote acceptance.
A key question for the in-person age verification use case is whether merchants and venues will pay for the acceptance of digital credentials.? There is a fallacy that accepting physical credentials is free.? The costs – training, compliance monitoring, liability risk, staff time – do exist though they’re hard to quantify into a per transaction price.? It remains to be seen in this use-case if the scheme operator is administrative or whether they also need an operational network role as well.
Whilst a change in legislation and regulatory requirements will take time to come into force, the wave is forming. ?Which providers of digital identity and age assurance will be well placed to ride it?? Which organisations will come to the fore to operate scheme(s) and operational networks?? Age verification can be the catalyst for broader adoption of digital identity – having connected providers and their users to a scheme, the ability to bring new Relying Parties and use cases will grow exponentially.? A smart, invested and committed provider could catalyse a scheme through age verification and accelerate growth through other use cases.
We have all the right providers, they’re just not necessarily in the right order.? The opportunity is for a scheme to orchestrate them.
Specialist in trustworthy identity, security and data sharing
11 个月First you need to make your question more precise. Are you talking about trustworthy age verification or surveillance? The difference is identification - if you can identify (as in link this transaction with previous or future transactions with the same citizen/device), then you have access to all data about the individual and also feed further profiling. - if not, we can begin to discuss from the assumption of sustainable identity claims. Funding is a secondary issue.
Co-founder & CEO @ Illuminate tech. We research public interest tech and promote human agency online. Our advisory services support companies to build safe, inclusive digital platforms. Ex-Ofcom.
11 个月Thanks for sharing Bryn! Totally agree that interoperability/UX is a big hurdle to overcome. As you allude to, business models still also pose a big question mark for me - if the govt have decided that age assurance is key digital infrastructure, what role should they be playing in ensuring its adoption is successful & trustworthy?